CVE-2007-3903

CWE-3993 documents3 sources
Severity
6.8MEDIUM
EPSS
55.2%
top 1.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedDec 12
Latest updateMay 1

Description

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/internet_explorer10 versions+9
NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-9xr7-28fx-hh67: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to t2022-05-01
CVEList
CVE-2007-3903: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to t2007-12-12
CVE-2007-3903 (MEDIUM CVSS 6.8) | Microsoft Internet Explorer 6 and 7 | cvebase.io